freeipa.git/install/share, branch my-master FreeIPA patches Add IPA OTP schema and ACLs 2013-05-17T07:30:51+00:00 Nathaniel McCallum npmccallum@redhat.com 2013-04-11T17:24:46+00:00 cb689354357d5311e7ecb231a34e867c23b8a803 This commit adds schema support for two factor authentication via OTP devices, including RADIUS or TOTP. This schema will be used by future patches which will enable two factor authentication directly. https://fedorahosted.org/freeipa/ticket/3365 http://freeipa.org/page/V3/OTP 
This commit adds schema support for two factor authentication via
OTP devices, including RADIUS or TOTP. This schema will be used
by future patches which will enable two factor authentication
directly.

https://fedorahosted.org/freeipa/ticket/3365
http://freeipa.org/page/V3/OTP
Add ipaUserAuthType and ipaUserAuthTypeClass 2013-05-17T07:30:51+00:00 Nathaniel McCallum npmccallum@redhat.com 2013-04-11T16:30:23+00:00 bc26d87b3445b26b5d33235c1dfeedb7a11cdfc8 This schema addition will be useful for future commits. It allows us to define permitted external authentication methods on both the user and global config. The implementation is generic, but the immediate usage is for otp support. https://fedorahosted.org/freeipa/ticket/3365 http://freeipa.org/page/V3/OTP 
This schema addition will be useful for future commits. It allows us to
define permitted external authentication methods on both the user and
global config. The implementation is generic, but the immediate usage
is for otp support.

https://fedorahosted.org/freeipa/ticket/3365
http://freeipa.org/page/V3/OTP
Fix syntax errors in schema files 2013-04-26T15:15:16+00:00 Petr Viktorin pviktori@redhat.com 2013-04-22T13:21:04+00:00 d4a0fa34afd30765e5ea6f0df21976a6494f13d6 - add missing closing parenthesis in idnsRecord declaration - remove extra dollar sign from ipaSudoRule declaration - handle missing/extraneous X-ORIGIN lines in 10-selinuxusermap.update This does not use the schema updater because the syntax needs to be fixed in the files themselves, otherwise 389 1.3.2+ will fail to start. Older DS versions transparently fix the syntax errors. The existing ldap-updater directive for ipaSudoRule is fixed (ldap-updater runs after upgradeconfig). https://fedorahosted.org/freeipa/ticket/3578 
- add missing closing parenthesis in idnsRecord declaration
- remove extra dollar sign from ipaSudoRule declaration
- handle missing/extraneous X-ORIGIN lines in 10-selinuxusermap.update

This does not use the schema updater because the syntax needs to be
fixed in the files themselves, otherwise 389 1.3.2+ will fail
to start.
Older DS versions transparently fix the syntax errors.

The existing ldap-updater directive for ipaSudoRule is fixed
(ldap-updater runs after upgradeconfig).

https://fedorahosted.org/freeipa/ticket/3578
Fix syntax of the dc attributeType 2013-04-26T15:13:52+00:00 Petr Viktorin pviktori@redhat.com 2013-04-22T11:52:21+00:00 e9863e3fe3cc5ca016c4e216ae3d34b750a34c73 dc syntax is changed from Directory String to IA5 String to conform to RFC 2247. Part of the work for https://fedorahosted.org/freeipa/ticket/3578 
dc syntax is changed from Directory String to IA5 String to conform
to RFC 2247.

Part of the work for https://fedorahosted.org/freeipa/ticket/3578
Add userClass attribute for hosts 2013-04-26T14:20:17+00:00 Martin Kosek mkosek@redhat.com 2013-04-23T07:59:24+00:00 5af2e1779ae1a0eca785493c8ed2eb044c8e282a This new freeform host attribute will allow provisioning systems to add custom tags for host objects which can be later used for in automember rules or for additional local interpretation. Design page: http://www.freeipa.org/page/V3/Integration_with_a_provisioning_systems Ticket: https://fedorahosted.org/freeipa/ticket/3583 
This new freeform host attribute will allow provisioning systems
to add custom tags for host objects which can be later used for
in automember rules or for additional local interpretation.

Design page: http://www.freeipa.org/page/V3/Integration_with_a_provisioning_systems
Ticket: https://fedorahosted.org/freeipa/ticket/3583
Use A/AAAA records instead of CNAME records in ipa-ca. 2013-04-15T19:12:36+00:00 Jan Cholasta jcholast@redhat.com 2013-04-15T10:19:11+00:00 f684c6d6f8f8cde5689a92cf2b06914c3e3da34c https://fedorahosted.org/freeipa/ticket/3547 
https://fedorahosted.org/freeipa/ticket/3547
Remove 'cn' attribute from idnsRecord and idnsZone objectClasses 2013-04-10T11:56:11+00:00 Petr Viktorin pviktori@redhat.com 2013-04-09T14:40:22+00:00 74abb432fb35ce222fd2a9b954557080cad63bf4 A commonName attribute has no meaning in DNS records. https://fedorahosted.org/freeipa/ticket/3514 
A commonName attribute has no meaning in DNS records.

https://fedorahosted.org/freeipa/ticket/3514
Change CNAME and DNAME attributes to single valued 2013-04-02T15:11:46+00:00 Martin Kosek mkosek@redhat.com 2013-03-04T11:48:05+00:00 81be28d6bd49cad19d41a572b0d09c6fe9663359 These DNS attributeTypes are of a singleton type, update LDAP schema to reflect it. https://fedorahosted.org/freeipa/ticket/3440 https://fedorahosted.org/freeipa/ticket/3450 
These DNS attributeTypes are of a singleton type, update LDAP schema
to reflect it.

https://fedorahosted.org/freeipa/ticket/3440
https://fedorahosted.org/freeipa/ticket/3450
Add Kerberos ticket flags management to service and host plugins. 2013-03-29T15:34:46+00:00 Jan Cholasta jcholast@redhat.com 2013-03-18T11:31:23+00:00 5f26d2c6dbe878518963b5d8f9159ed3fcc71d58 https://fedorahosted.org/freeipa/ticket/3329 
https://fedorahosted.org/freeipa/ticket/3329
Put pid-file to named.conf 2013-03-29T07:59:45+00:00 Martin Kosek mkosek@redhat.com 2013-03-20T14:39:59+00:00 48ba165576db93a26d75c50a01ab1be47bb80a69 Fedora 19 has splitted /var/run and /run directories while in Fedora 18 it used to be a symlink. Thus, named may expect its PID file to be in other direct than it really is and fail to start. Add pid-file configuration option to named.conf both for new installations and for upgraded machines. 
Fedora 19 has splitted /var/run and /run directories while in Fedora
18 it used to be a symlink. Thus, named may expect its PID file to be
in other direct than it really is and fail to start.

Add pid-file configuration option to named.conf both for new
installations and for upgraded machines.